Infosecurity News

  1. Biden Tightens Software Supply Chain Security Requirements Ahead of Trump Takeover

    The US President’s second cybersecurity Executive Order will impose stricter security standards on software providers

  2. DORA Compliance Costs Soar Past €1m for Many UK and EU Businesses

    Compliance with the Digital Operational Resilience Act (DORA) has cost many businesses over €1 million, according to research from Rubrik

  3. New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls

    The leak likely comes from a zero-day exploit affecting Fortinet’s products

  4. GoDaddy Accused of Serious Security Failings by FTC

    A proposed settlement order from the FTC will require GoDaddy to strengthen its security practices following multiple data breaches at the web hosting giant

  5. Hackers Use Image-Based Malware and GenAI to Evade Email Security

    HP Wolf highlighted novel techniques used by attackers to bypass email protections, including embedding malicious code inside images and utilizing GenAI

  6. EU To Launch New Support Centre by 2026 to Boost Healthcare Cybersecurity

    A new EU action plan will be structured around four pillars: prevention, threat detection and identification, response to cyber-attacks and deterrence

  7. CISA Launches Playbook to Boost AI Cybersecurity Collaboration

    CISA launched the JCDC AI Cybersecurity Playbook to enhance collaboration on AI cybersecurity risks

  8. Chinese PlugX Malware Deleted in Global Law Enforcement Operation

    The FBI deleted Chinese PlugX malware from thousands of devices in the US, using a technique developed by French cybersecurity firm Sekoia.io

  9. Multi-Cloud Adoption Surges Amid Rising Security Concerns

    A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure

  10. Illicit Crypto-Inflows Set to Top $51bn in a Year

    Chainalysis estimates threat actors made at least $51bn through crypto crime in 2024

  11. Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls

    The security provider published mitigation measures to prevent exploitation

  12. Secureworks Exposes North Korean Links to Fraudulent Crowdfunding

    Secureworks Counter Threat Unit (CTU) has identified links between North Korean IT workers and fraudulent crowdfunding activities, with the group known as Nickle Tapestry orchestrating scams to support North Korean interests

  13. Microsoft Patches Eight Zero-Days to Start the Year

    Patch Tuesday saw Microsoft fix eight zero-days, three of which are being actively exploited

  14. New AI Rule Aims to Prevent Misuse of US Technology

    A new Interim Final Rule on Artificial Intelligence Diffusion issued in the US strengthens security, streamlines chip sales and prevents misuse of AI technology

  15. Browser-Based Cyber-Threats Surge as Email Malware Declines

    Browser-based cyber-threats surged in 2024, with credential abuse and infostealers on the rise

  16. Manchester Law Firm Leads 15,000 to Sue Google and Microsoft over AI Data

    Barings Law is planning to sue the two tech giants over numerous alleged violations of data misuse, including for AI training

  17. UK Considers Ban on Ransomware Payments by Public Bodies

    A UK government consultation has proposed banning public sector and critical infrastructure organizations from making ransomware payments to disincentivize attackers from targeting these services

  18. Remediation Times Drop Sharply as Cyber Hygiene Take Up Surges

    CISA claims US critical infrastructure providers are improving cyber hygiene and remediation activities

  19. UK Registry Nominet Breached Via Ivanti Zero-Day

    The .uk registry Nominet has been breached by a recently disclosed zero-day vulnerability in Ivanti products

  20. Critical Infrastructure Urged to Scrutinize Product Security During Procurement

    A joint government advisory has set out steps critical infrastructure firms should take to ensure any OT products they purchase are secure by design

What’s Hot on Infosecurity Magazine?